Before watching your videos, I had a hard time with pretty much anything on HTB and wasted so much energy on useless stuff. You taught me how to structure my workflow and be thorough with my research before even attempting anything. Thanks IppSec!
@zoes17 11 months ago
27:36 "WE ARE SYSTEM" reminds me of "all your base are belong to us", gotta love Zero Wing.
@KyserClark 11 months ago
Crystal clear guide! I just Pwned Aero thanks to this video. Took me a long time to download a Windows VM and get Visual Studio running, but once I did I was off to the races. Thank you for your help. Keep up the video guides!
@errorspidey 11 months ago
I wonder how you learned all those things?? I've watched the entire video and it seemed so easy for you to successfully exploit the machine.
@lrmarquez80 10 months ago
Practice, practice, practice!!!
@raj77in 11 months ago
You did not create the theme again when showing it works without export, but I get the point. Nice video as usual.
@ippsec 11 months ago
You don’t have to create the theme, just replace the DLL. All the theme does is set the UNC path to load the DLL; none of the payloads are inside the theme.
@raj77in 11 months ago
@ippsec got it
@brandonslaughter7118 11 months ago
Bad ass!!!
@NVTFT 10 months ago
Why is the reverse shell you got at 36:33 in ImmersiveControlPanel, and when you do that again it is in window/system32, although you did not change anything? Thanks.
@ippsec 10 months ago
Honestly I don’t know, that’s why I said if it happens try it again. The exploit itself is a race condition, so I guess it could happen at different parts of the exploitation.
@gespoL- 11 months ago
👏
@tntxqx8281 11 months ago
Nice ippsec
@apechzzz5578 11 months ago
Is Defender installed and working on these Windows boxes on HTB? Or maybe it's some stripped out version without Defender?
@tg7943 11 months ago
Push!
@sotecluxan4221 11 months ago
Oooo....!
@AUBCodeII 11 months ago
Aero Zeppelin
@AUBCodeII 11 months ago
23:58 the same thing happened to me
@ryuzaky1395 11 months ago
I can't stop the service that runs over 445. I did all the steps, rebooted, and my machine is still listening. I even changed the values to disabled instead of auto. 😢 The service is system and it's disabled for server. I checked if another service could be using that port and nothing. Does anyone know why?
@ippsec 11 months ago
Did you reboot after disabling the service?
@ryuzaky1395 11 months ago
@ippsec It worked the second time. Thanks, bro! I had to change in the properties to disable before rebooting, in the service for server.
@lonelyorphan9788 11 months ago
Ippsec rocks! 🙂
@TheErixcode 11 months ago
24:00 I see it every day in almost every site, because I'm from Iran :((
@Fbarrett 11 months ago
Why so fast Ippsec? Could not even see the changes you made at 11:31. 😖
@ippsec 11 months ago
I was just moving a function to the bottom, didn't type anything.
@Lord-Heihachi 11 months ago
I'm a newbie so I was following you step by step, and now I stumbled on an error I couldn't fix. When testing the DLL file "VerifyThemeVersion.dll" on Windows, here: 13:00, I got an error: RunDLL: error in verifyThemeVersion.dll, Missing entry VerifyThemeVersion. I'm using a Windows 11 box.
@Exodia1988 10 months ago
23:53
@albertcorzo 10 months ago
I don't understand why you always overcomplicate the stuff.
@ippsec 10 months ago
Hard to answer without knowing what part you are referring to. However, I generally do a lot of things "the long way" because it is more flexible. When something doesn't work you'll have a better idea as to why it didn't work versus if you just ran a script to do a lot of things for you.
@albertcorzo 10 months ago
@ippsec In my opinion: If you make things too complicated for someone, you may overwhelm the person and frustrate progress. However, if someone wants to do something more complicated, they will always have the opportunity to come back to it or investigate the problem again in the future with another point of view. Regards!
@ippsec 10 months ago
@albertcorzo It would really help if you pointed out what part you thought was overcomplicated. I agree with your sentiment, but I am thinking you are referring to the foothold with generating a malicious theme; if not, then the rant below is irrelevant. If you are saying the complicated part was not just using a POC that was on GitHub to do it, I would say yes, it could frustrate them and halt progress. But if they just ran the script that did the exploit for them, I would call that false progress and eventually be harmful to them long term. By that I mean, I don't think there is any benefit in people learning to exploit the Windows Aero theme itself. If your idea of hacking is just building a catalog of scripts to run when you see $x, IMO you aren't learning the right way and waste a lot of time doing something that isn't scalable. So instead of teaching the Windows Aero exploit, I'm trying to show what DLL Injection is and how it can be applicable to various things.
@lrmarquez80 10 months ago
It’s not overcomplicated when you understand what’s going on. Usually this is the best way to understand things better. It’s no different than learning how to drive a commercial truck: anyone can learn how to hold the steering wheel, but learning what’s under the hood makes you a better driver.
@albertcorzo 10 months ago
@lrmarquez80 If you check other videos or the HackTheBox walkthrough, most of the time it's easier to understand. If we are talking about an insane machine, I can understand you can do something more difficult to understand, but for a middle level, more straight, more easy, because the people are getting concepts and these people are just beginners, but that's my opinion.